U.S. to Seek Cyber-attack Explanation from China

Updated: State Department spokesperson Philip Crowley says the United States will lodge a formal complaint against China regarding cyber-attacks that struck Google, Adobe Systems and dozens of other companies.

The United States
plans to ask China
for an explanation regarding the cyber-attacks that recently hit Google, Adobe
Systems and dozens of other companies.
In remarks Jan. 15 to the press, State Department spokesperson Philip
Crowley said the United States
will be issuing a formal demarche to the Chinese Government on this issue in
the coming days, most likely early next week. A transcript of his remarks is available here.

The demarche, Crowley
said, would "express our concern for this incident and request information
from China as
to an explanation of how it happened and what they plan to do about it."

News of the cyber-attacks came to light when Google
reported that it had uncovered an attack targeting its infrastructure and
threatened to close down its Chinese operation.
"In mid-December, we detected a highly sophisticated
and targeted attack on our corporate infrastructure originating from China
that resulted in the theft of intellectual property from Google,"
explained David Drummond, Google's senior vice president of corporate
development and chief legal officer, in a Jan. 12 blog post. "However, it
soon became clear that what at first appeared to be solely a security incident-albeit
a significant one-was something quite different."
In the days since Drummond's blog post, reports
about the attack have linked it to exploits targeting Adobe Reader and
Internet Explorer. However, VeriSign's iDefense Labs has now retracted its
statement regarding the Adobe vulnerability, saying it has been unable to
confirm reports that this is an issue. Microsoft
issued an advisory on the Internet Explorer issue Jan. 14.

"Incidents like this serve to bring the issue to the
forefront, and I believe that Google is using the bully pulpit it has to bring
the issue to mainstream attention," said Nick Selby, managing director at IT
and physical security consultancy Trident Risk Management. "When you
see Google and China and hacking on the front page of USA Today, nongeeks take
notice-it's important to note that Google is itself far from the 'good guy' in
this fight, with its capitulation to demands by the Chinese government to
censor search results eroding any 'underdog' cred it might otherwise have
enjoyed."
Editor's
Note: This story was updated with
a retraction from iDefense Labs regarding reports of an Adobe vulnerability.